FBI is Remotely Activating Android Smartphone and Laptop Microphones

Image representing Android as depicted in Crun...

According to an article out in the Wall Street Journal this week, it appears that the FBI has been busy exploiting vulnerabilities in the Android operating system to spy on people.  Hopefully they’re just spying on the bad guys, but with things going as they have been lately, who knows?

According to the WSJ’s source, the FBI resorts to these tactics when they’re out of options, and “don’t have any other choice.” The tools used to gather the data are often installed remotely, using essentially phishing style links that injects essentially Trojan software when clicked by a suspect under surveillance. They can also be installed via physical access and a USB drive, the report says, and in all cases the FBI tries to ensure only “relevant data” are gathered by its hacking efforts, through the use of a screening team that checks for relevancy before handing information off to investigators working the case.

The FBI employs a number of hackers who write custom surveillance software, and also buys software from the private sector, former U.S. officials told the WSJ.

FBI Director Pushing for Internet Wiretaps

Official portrait of the Director of the Feder...

The Obama administration, resolving years of internal debate, is on the verge of backing a Federal Bureau of Investigation plan for a sweeping overhaul of surveillance laws that would make it easier to wiretap people who communicate using the Internet rather than by traditional phone services, according to officials familiar with the deliberations.

The F.B.I. director, Robert S. Mueller III, has argued that the bureau’s ability to carry out court-approved eavesdropping on suspects is “going dark” as communications technology evolves, and since 2010 has pushed for a legal mandate requiring companies like Facebook and Google to build into their instant-messaging and other such systems a capacity to comply with wiretap orders. That proposal, however, bogged down amid concerns by other agencies, like the Commerce Department, about quashing Silicon Valley innovation.

Nation-Wide Facial Recognition Service Being Launched by FBI

Seal of the Central Intelligence Agency of the...

Image via Wikipedia

I first started working with Biometrics back in the 1970’s in helping a graduate student develop a signature recognition system.  Back then we were using mainframes, punch cards, a TTY33 and some very grainy EBCDIC artwork to help render the signatures.  We never got very far, but we were able to make some interesting inroads.  Boy have things changed.

We’ve talked on the show before about the NFL’s ties to the FBI and CIA and how you haven’t been able to go to a Super Bowl football game in years without having your photograph taken and analyzed against a database of known terrorists and criminals.  This technology has reportedly been used to stop and arrest less than a handful of people over the course of the program.

The UK has become surveillance-central with tens of thousands of cameras capturing images of people’s faces, automobiles and tracking them as they move throughout the cities.  This information is also being used to fight crime and detour n’er-do-wells.

Now the FBI has stepped in and is planning on rolling out a national-wide Facial Recognition Service which will allow any cop on the street with a smartphone to take your photo and run it through an FBI background check.  Police vehicles will end up being equipped with cameras which go beyond their current function of running every license plate of every car within their shot to be fully integrated with the FBI and used to look up your background.  Hopefully, they’ll catch a few bad guys.

But data has a way of sticking around.

Given a few years, this database of queries against the system will contain incredible information about the movement of people throughout the country and around the world.  The government will be able to question you because they think your movements aren’t quite what they’d like them to be.  They will be able to determine where you work, which restaurants you frequent, which car you drive and much more.

Database analytics has become a very large field for the government, and with the advent of a national facial recognition service, database vendors will be able to look forward to their best growth ever.  Citizens, however, must be eternally vigilant to make sure this type of power does not become mis-used.

And the private sector?  Google, Facebook and others are pretty excited about using facial recognition to tie all of your photographs together.  Kinda nice to be able to find shots of your great aunt Lucy with your Mom and Dad, and the marketing angles are incredible.  So are the risks.

Hacking World Moves into Celebrity Nudes

Scarlett Johansson.

Image via Wikipedia

The FBI has confirmed that it’s investigating claims by at least three young celebrities, Scarlett Johansson, Mila Kunis, and singer Justin Timberlake, that their phones have been hacked.  Turns out that smart phones aren’t too smart when it comes to security and that celebrities seem to follow that same trend.

The two nude photographs of Scarlett Johansson became widely available in the US after links to them were posted on an aggregator site this week and photos and texts between Kunis and Timberlake have been available for some time.

The FBI’s rapid involvement in the case is the most interesting twist.  Cell phone hacks have been ongoing for well more than a decade, and there’s been little that has been done by law enforcement or congress to curb the assault — which may be a good thing.  Technology always leads society’s response to that technology.

If you’re not a celebrity, it doesn’t mean that you’re safe.  The contents of your phone’s contacts list, documents, email, etc. have been available to professional hackers for years and although the security technology embedded in our smart phones is getting better, it will likely be a couple of years before using our phones is reasonably safe.

Your phone can be hacked via its Bluetooth connection, WiFi connection and even over the airwaves you use to talk.  Hackers have demonstrated devices which allow them to have the same access privileges as your phone’s provider — which means that they can get at everything and anything on your phone without your permission, and without even your knowledge.

4G Mobile Networks Cause Wiretap Concern at FBI

J. Edgar Hoover, director of the F.B.I, photog...

Image via Wikipedia

We’ve long known that the FBI and other law-enforcement agencies are able to obtain wire taps to monitor suspected criminal behavior on telephones and internet connections.  In recent years they’ve even been able to do some monitoring without court order via the Patriot Act.

In a recently de-classified document, the FBI acknowledges that the wireless revolution is creating serious problems for monitoring individuals.  The use of the newest high-speed “4G” networks, such as Verizon‘s LTE, provide 20Mbps connections which were unheard of just one year ago.  Processing and analyzing these fire-hoses of information is presenting numerous technical challenges for everyone involved.

All voice calls on 4G networks are placed using VoIP technologies.  One of the major problems the FBI has noted with this technology, arises from the tunnels that are used within networks during the “handoff” of IP traffic as it’s transmitted. “Tunnels within a network increase the complexity of lawful intercept (LI) solutions,” reads the newsletter. The challenges presented by tunnels include “difficulty in identifying the traffic of a particular user (e.g., deep packet inspection may be needed), accessing the content of a tunnel at its end-points, and the use of encryption within tunnels.”

On top of the strictly fire-hose amounts of data problems noted is the ability to use high-level encryption on-the-fly with these newer, faster phones.  Free software, such as that from Phil Zimmerman of PGP fame, allows people to communicate without fear of commercial or government monitoring.  As the use of encryption for communications increases, the FBI and other law enforcement agencies problems are going to increase exponentially.